Re: what's the difference?





--On Tuesday, July 13, 2004 6:59 AM +0200 Christian Schäfer <caefer@krachstoff.net> wrote:

Christopher Schadl wrote:

Port 636 is used for LDAP over SSL.  In order for that to work, you will
need to have generated an SSL certificate for the LDAP server to use,
and the SSL certificate will have to have the fully qualified domain
name of the LDAP server set as its Common Name attribute.  If you're
just communicating with the LDAP server in question via localhost, then
you shouldn't need SSL, (you can just set the -p option to use the
default LDAP port of 389) however, if you're communicating over a
network then you should definitely read
http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html for more
information on setting up SSL/TLS.


yes, sorry.. I should have mentioned that. my ldap _is_ listening on 636
over ssl already.

netstat -tnpl  shows slapd listening on 0.0.0.0:636. all certificates are
available. that's not the problem. :-)


but I will check out if the order of options will change things.

It is never going to work until you at least make the changes I noted earlier. ;)


--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html